annotate ajax.php @ 8:4c5f651aa107
Migrate certain settings to SQL database, cleanups, etc.
author | Matti Hamalainen <ccr@tnsp.org> |
---|---|
date | Thu, 06 Dec 2012 13:30:46 +0200 |
parents | 76c3b89d7b11 |
children | e36c4d2b09c4 |
rev | line source |
---|---|
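<?php
// Full opening tag on purpose: the short "<?" form is only parsed when
// short_open_tag is enabled. With it disabled this file would be delivered
// as plain text, SQL statements included.
require "mconfig.inc.php";
require "msite.inc.php";

// Check if we are allowed to execute.
// Both checks must pass before anything else runs; on failure the script
// answers with a 404 status line and stops without producing a body.
// NOTE(review): "Status:" sets the response code under CGI/FastCGI only;
// confirm the deployment SAPI, otherwise the client sees a 200 here.
if (!stCheckHTTPS() || !stAdmSessionAuth())
{
  header("Status: 404 Not Found");
  exit;
}

stSetupCacheControl();

// Initiate SQL database connection
if (!stConnectSQLDB())
  die("Could not connect to SQL database.");

// Fetch non-"hardcoded" settings from SQL database
stReloadSettings();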
20 |
0 | 21 |
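/**
 * Send the "Status:" response header, at most once per request.
 *
 * Only the first call emits a header; every call sets the global
 * $statusSet flag, so later calls are no-ops.
 *
 * @param int    $val Status code to report.
 * @param string $msg Human-readable reason text.
 */
function setStatus($val, $msg)
{
  global $statusSet;

  if (!$statusSet)
  {
    // Callers build $msg by string concatenation, so treat it as untrusted:
    // control characters (CR/LF in particular) are replaced by a space.
    // header() refuses values containing line breaks, which would otherwise
    // leave the response without the intended status.
    $reason = preg_replace('/[\x00-\x1F\x7F]+/', ' ', (string) $msg);
    header("Status: ".intval($val)." ".$reason);
  }

  $statusSet = TRUE;
}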
31 | |
32 | |
/**
 * Run an SQL statement through stExecSQL() and report the outcome
 * via setStatus().
 *
 * On failure (stExecSQL() returned exactly FALSE) status 900 is set and
 * FALSE is returned. On success status 200 with $okmsg is set, unless
 * $okmsg is empty, and the stExecSQL() result is returned unchanged.
 *
 * @param string $sql   Statement to execute; passed to stExecSQL() as is,
 *                      so any quoting must already have been applied.
 * @param string $okmsg Success message, or "" to leave the status untouched.
 * @return mixed        The stExecSQL() result, or FALSE on failure.
 */
function execSQLCond($sql, $okmsg)
{
  $result = stExecSQL($sql);

  // Guard clause: bail out first on the error path.
  if ($result === FALSE)
  {
    setStatus(900, "Error in SQL execution.");
    return FALSE;
  }

  if ($okmsg != "")
    setStatus(200, $okmsg);

  return $result;
}
47 | |
48 | |
// XMLHttp responses
// A request is only dispatched when it carries both "action" and "type";
// otherwise $action becomes the sentinel "ERROR", which ends up in the
// dispatcher's default branch, and $type stays unset.
// NOTE(review): the values are read from $_REQUEST, so GET parameters are
// accepted as well as POST ones - confirm that is intended for the
// state-changing actions.
if (!stChkRequestItem("action") || !stChkRequestItem("type"))
{
  $action = "ERROR";
}
else
{
  $action = $_REQUEST["action"];
  $type = $_REQUEST["type"];
}
56 | |
57 | |
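// Dispatch the admin request: $action selects the operation, $type the
// kind of record it applies to. Read actions print HTML fragments, write
// actions only report their outcome through setStatus().
// NOTE(review): no anti-CSRF token check is visible in this file; the
// delete/add/update actions rely entirely on the session check made at the
// top of the script - confirm that stAdmSessionAuth() or the front end
// covers cross-site requests.
switch ($action)
{
  case "dump":
    // Attendees with a non-empty e-mail address, newest registration first,
    // printed in four copy-and-paste layouts.
    if (($res = execSQLCond(
      "SELECT * FROM attendees WHERE email NOT NULL AND email != '' ORDER BY regtime DESC",
      "Dump OK.")) !== FALSE)
    {
      $out1 = array();
      $out2 = array();

      foreach ($res as $item)
      {
        // Name and e-mail are attendee-supplied and are echoed into an HTML
        // response shown to an administrator, so they are escaped here.
        // Escaping also keeps the "<address>" part visible instead of being
        // parsed as a tag. chentities() is the escaping helper this file
        // already applies to compo names and vote keys.
        $out1[] = chentities($item["name"]." <".$item["email"].">");
        $out2[] = chentities($item["email"]);
      }

      echo "<br /><hr />".
        implode(", ", $out1)."<br /><hr /><br />".
        implode("<br />", $out1)."<br /><hr /><br />".
        implode(", ", $out2)."<br /><hr /><br />".
        implode("<br />", $out2)."<br /><hr />";
    }
    break;

  case "get":
    // Stage 1: choose the query for the requested type. "entries" prints
    // its own output and sets no query.
    switch ($type)
    {
      case "news":
        $sql = "SELECT * FROM news ORDER BY utime DESC";
        break;

      case "attendees":
        $sql = "SELECT * FROM attendees ORDER BY regtime DESC";
        break;

      case "compos":
        $sql = "SELECT * FROM compos ORDER BY id DESC";
        break;

      case "settings":
        $sql = "SELECT * FROM settings";
        break;

      case "entries":
        // presumably fills the global $compos used below - confirm against
        // stGetCompoList()
        stGetCompoList(TRUE);

        foreach ($compos as $id => $compo)
        {
          echo
            "<form>\n".
            " <table class=\"misc\">\n".
            " <tr>\n".
            " <th colspan=\"3\">".chentities($compo["name"])."</th>\n".
            " </tr>\n".
            " <tr>\n".
            " <th>Title</th>\n".
            " <th>Author</th>\n".
            " <th>Actions</th>\n".
            " </tr>\n";

          // One editable row per existing entry ("en" prefix).
          // NOTE(review): $eid and $id are written into id attributes and
          // inline JavaScript unescaped; this is only safe while the keys
          // of $compos and of its "entries" arrays are integers - confirm.
          $prefix = "en";
          foreach ($compo["entries"] as $eid => $entry)
          {
            echo
              " <tr id=\"entry".$eid."\">\n".
              " <td>".stGetFormTextInput(40, 64, "name", $eid, "en", $entry["name"])."</td>\n".
              " <td>".stGetFormTextInput(40, 64, "author", $eid, "en", $entry["author"])."</td>\n".
              " <td>".
              stGetFormButtonInput("update", $eid, $prefix, " Update ", "updateEntry(".$eid.")").
              stGetFormButtonInput("delete", $eid, $prefix, " Delete ", "deleteEntry(".$eid.")").
              "</td>\n".
              " </tr>\n";
          }

          // Trailing empty row for adding a new entry ("ne" prefix).
          $prefix = "ne";
          echo
            " <tr>\n".
            " <td>".stGetFormTextInput(40, 64, "name", $id, "ne", "")."</td>\n".
            " <td>".stGetFormTextInput(40, 64, "author", $id, "ne", "")."</td>\n".
            " <td>".stGetFormButtonInput("add", $id, $prefix, " Add new ", "addEntry(".$id.")")."</td>\n".
            " </tr>\n".
            " </table>\n".
            "</form>\n";
        }
        break;

      case "voters":
        $sql = "SELECT * FROM voters ORDER BY id ASC";
        break;
    }

    // Stage 2: run the query, if one was chosen, and render the rows.
    if (isset($sql) && ($res = execSQLCond($sql, "")) !== FALSE)
    {
      switch ($type)
      {
        case "news":
          foreach ($res as $item)
          {
            // The id goes into an attribute and an inline handler; force
            // it to an integer before embedding it.
            $id = intval($item["id"]);
            stPrintNewsItem($item,
              "<br />".
              " <button class=\"button\" id=\"ndel".$id.
              "\" type=\"button\" onclick=\"deleteNews(".$id.
              ")\">Delete</button>\n"
              );
          }
          break;

        case "attendees":
          echo
            "<table class=\"attendees\">\n".
            " <tr>\n".
            " <th>Name</th>\n".
            " <th class=\"groups\">Group(s)</th>\n".
            " <th class=\"regtime\">Registered</th>\n".
            " <th class=\"oneliner\">Oneliner</th>\n".
            " <th class=\"email\">E-mail</th>\n".
            " <th>Actions</th>\n".
            " </tr>\n";
          $row = 0;
          foreach ($res as $item)
            stPrintAttendee($item, $row++, TRUE);
          echo "</table>\n";
          break;

        case "compos":
          foreach ($res as $item)
          {
            $id = intval($item["id"]);
            $prefix = "co";
            echo
              "<div id=\"compo".$id."\">\n".
              "<h2>#".$id." - ".chentities($item["name"])."</h2>\n".
              stGetFormTextInput(40, 64, "name", $id, $prefix, $item["name"])."\n".
              stGetFormCheckBoxInput("enabled", $id, $prefix, $item["enabled"], "Enabled")."<br />\n".
              stGetFormTextArea(5, 60, "description", $id, $prefix, $item["description"])."\n<br />\n".
              stGetFormButtonInput("update", $id, $prefix, " Update ", "updateCompo(".$id.")")."\n".
              "</div>\n".
              "<hr />\n";
          }
          break;

        case "voters":
          // The last header cell uses class="vactive" like its siblings
          // and the matching data cells (it was a style attribute).
          echo
            "<table class=\"voters\">\n".
            " <tr>\n".
            " <th class=\"vid\">#</th>\n".
            " <th class=\"vkey\">Vote key</th>\n".
            " <th class=\"vname\">Name</th>\n".
            " <th class=\"vactive\">Active</th>\n".
            " </tr>\n";
          $row = 0;
          foreach ($res as $item)
          {
            $id = intval($item["id"]);
            $prefix = "vo";
            // Exactly one <tr> per voter: the bare <tr> that used to
            // precede the classed one was never closed.
            echo
              " <tr class=\"".($item["enabled"] ? "vactive " : "").
              ($row % 2 == 1 ? "rodd" : "reven")."\" id=\"voter".$id."\">\n".
              " <td class=\"vid\">".sprintf("%04d", $id)."</td>\n".
              " <td class=\"vkey\">".chentities($item["key"])."</td>\n".
              " <td class=\"vname\">".stGetFormTextInput(40, 64, "name", $id, $prefix, $item["name"],
              "onBlur=\"updateVoter(".$id.")\" autocomplete=\"off\"")."</td>\n".
              " <td class=\"vactive\">".stGetFormCheckBoxInput("enabled", $id, $prefix, $item["enabled"], "",
              "onClick=\"updateVoter(".$id.")\"")."</td>\n".
              " </tr>\n";
            $row++;
          }
          echo "</table>\n";
          break;

        case "settings":
          // The settings query is executed, but nothing is printed yet.
          break;
      }
    }
    break;

  case "delete":
    if (stChkRequestItem("id"))
    {
      $id = intval(stGetRequestItem("id"));

      // Only these three types can be deleted. Any other value leaves
      // $sql unset and is rejected below, instead of reaching
      // execSQLCond() with an undefined statement.
      switch ($type)
      {
        case "news":
          $sql = stPrepareSQL("DELETE FROM news WHERE id=%d AND persist=0", $id);
          break;

        case "attendees":
          $sql = stPrepareSQL("DELETE FROM attendees WHERE id=%d", $id);
          break;

        case "entries":
          $sql = stPrepareSQL("DELETE FROM entries WHERE id=%d", $id);
          break;
      }

      if (isset($sql))
      {
        // $type is one of the three literals above at this point, so the
        // status text no longer carries arbitrary request data.
        execSQLCond($sql, "OK, ".$type." item ".$id." deleted.");
      }
      else
        setStatus(902, "No data.");
    }
    else
      setStatus(901, "No ID specified.");
    break;

  case "add":
    // NOTE(review): %S, %Q and %D are conversion codes of stPrepareSQL(),
    // which is defined outside this file; the string arguments look like
    // names of request items that it fetches and quotes itself - confirm.
    if ($type == "news" && stChkRequestItem("text") && stChkRequestItem("author") && stChkRequestItem("title"))
    {
      $sql = stPrepareSQL(
        "INSERT INTO news (utime,title,text,author) VALUES (%d,%S,%Q,%S)",
        time(), "title", "text", "author");

      execSQLCond($sql, "OK, news item added.");
    }
    else
    if ($type == "compo" && stChkRequestItem("name") && stChkRequestItem("description"))
    {
      // The trailing 0 has no matching conversion code in the format
      // string; kept as is - TODO confirm stPrepareSQL() ignores it.
      $sql = stPrepareSQL(
        "INSERT INTO compos (name,description,enabled) VALUES (%S,%Q,0)",
        "name", "description", 0);

      execSQLCond($sql, "OK, compo added.");
    }
    else
    if ($type == "entry" && stChkRequestItem("name") && stChkRequestItem("author") && stChkRequestItem("compo_id"))
    {
      $sql = stPrepareSQL(
        "INSERT INTO entries (name,author,compo_id) VALUES (%S,%Q,%D)",
        "name", "author", "compo_id");

      execSQLCond($sql, "OK, entry added.");
    }
    else
      setStatus(902, "No data.");
    break;

  case "update":
    // Every branch builds its WHERE clause from intval()'d request values,
    // so only integers are concatenated into the statement text.
    if ($type == "attendees" && stChkRequestItem("id") &&
      stChkRequestItem("email") && stChkRequestItem("oneliner"))
    {
      $sql = stPrepareSQLUpdate("attendees",
        "WHERE id=".intval(stGetRequestItem("id")),
        array(
          "email" => "S",
          "oneliner" => "S",
        ));

      execSQLCond($sql, "OK, attendee updated.");
    }
    else
    if ($type == "news" && stChkRequestItem("id") &&
      stChkRequestItem("text") && stChkRequestItem("author") &&
      stChkRequestItem("title"))
    {
      $sql = stPrepareSQLUpdate("news",
        "WHERE id=".intval(stGetRequestItem("id")),
        array(
          "title" => "S",
          "text" => "Q",
          "author" => "S"
        ));

      execSQLCond($sql, "OK, news item updated.");
    }
    else
    if ($type == "compo" && stChkRequestItem("id") &&
      stChkRequestItem("name") && stChkRequestItem("description") &&
      stChkRequestItem("enabled"))
    {
      $sql = stPrepareSQLUpdate("compos",
        "WHERE id=".intval(stGetRequestItem("id")),
        array(
          "name" => "S",
          "description" => "Q",
          "enabled" => "B",
        ));

      execSQLCond($sql, "OK, compo updated.");
    }
    else
    if ($type == "voter" && stChkRequestItem("id") &&
      stChkRequestItem("name") && stChkRequestItem("enabled"))
    {
      $sql = stPrepareSQLUpdate("voters",
        "WHERE id=".intval(stGetRequestItem("id")),
        array(
          "name" => "S",
          "enabled" => "B",
        ));

      execSQLCond($sql, "OK, voter updated.");
    }
    else
    if ($type == "entry" && stChkRequestItem("id") &&
      stChkRequestItem("compo_id") &&
      stChkRequestItem("name") && stChkRequestItem("author"))
    {
      // Each id is converted on its own. Previously one intval() wrapped
      // the whole concatenation, which reduced the clause to "WHERE id=N"
      // and silently dropped the compo_id restriction. compo_id is now
      // also required, as it already is when an entry is added.
      $sql = stPrepareSQLUpdate("entries",
        "WHERE id=".intval(stGetRequestItem("id")).
        " AND compo_id=".intval(stGetRequestItem("compo_id")),
        array(
          "name" => "S",
          "author" => "S",
        ));

      execSQLCond($sql, "OK, entry updated.");
    }
    else
      setStatus(902, "No data.");
    break;

  default:
    // Unknown action, or the "ERROR" sentinel of an incomplete request.
    setStatus(404, "Not Found");
    break;
}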
366 | |
367 ?> |